HIPS you run in training mode on a clean system and re-train when you make major changes; you don't just "install and forget" HIPS.
The pattern I'm seeing with virtualization is a
false sense of security. Unless you build VM completely isolated from your data (VirtualBox, VMWare, Hyper-V--not ShadowDefender, et. al.), you only protected your host from damage, not your data (the important part) from theft.
Backups protect your data from
loss, not
theft.
I just popped SecureAPlus on my VM (free for 1 year or 18 months at one of the giveaway sites) and am running it on my downloads folder (~280GB) and oh my is it slow--even the inital full scan (only C drive) was slow and you can't abort it. It looks really good for a second through eleventh opinion scanner.
The only 100% defence against 0-day attacks is the power switch.
![Stick out tongue :p :p](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7)
If that it to stringent for you, then, in order of importance:
-1. Switch to linux
0. 0-day software updates
1. Never, ever, ever click on an ad or a link in an e-mail. Ever. Nevereverneverevereverevernever do that. Ever. No exceptions
2. Hardened OS/configuration (that's one notch lighter than the power switch..not something I recommend for ordinary use, only here for completeness)
3. Layered security:
3.a.Firewall (Comodo)
3.b. HIPS (Comodo)
3.c. Behaviour Blocker (Qihoo)
3.d. Anti-Virus (Qihoo)
3.e. Adblocker (Adguard or uBlock Origin)
3.f. Browser security extension (pick any really, Avast, BD, Qihoo, etc.--it's a separate product)
4. VirusTotal Uploader
5. Test stuff on a real VM (VirtualBox) before running on your production host if you have any doubts (and test your security software configuration on it)
6. Never use defaults: make conscientious decisions when configuring every. single. option. Read the manual--an option so important that there's an acronym for it!
Total cost: $0
I don't know about "Anti-Exploit" software. My only experience with it (MBAE) was one detection, a false positive that couldn't be any more false: it protected Foxit Reader from Foxit Reader during Foxit Reader installation and it kept all my other security software from working. Test on a VM first!